<!DOCTYPE html>
<html lang="en">
    <head>
        <meta charset="utf-8">
        <meta http-equiv="X-UA-Compatible" content="IE=edge">
        <meta name="viewport" content="width=device-width, initial-scale=1.0">
        
        
        
        <link rel="shortcut icon" href="../../img/favicon.ico">
        <title>第4天 - RHEL7学习笔记</title>
        <link href="../../css/bootstrap.min.css" rel="stylesheet">
        <link href="../../css/font-awesome.min.css" rel="stylesheet">
        <link href="../../css/base.css" rel="stylesheet">
        <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/highlight.js/9.12.0/styles/github.min.css">

        <script src="../../js/jquery-1.10.2.min.js" defer></script>
        <script src="../../js/bootstrap.min.js" defer></script>
        <script src="https://cdnjs.cloudflare.com/ajax/libs/highlight.js/9.12.0/highlight.min.js"></script>
        <script>hljs.initHighlightingOnLoad();</script> 
    </head>

    <body>
        <div class="navbar fixed-top navbar-expand-lg navbar-dark bg-primary">
            <div class="container">
                <a class="navbar-brand" href="../..">RHEL7学习笔记</a>
                <!-- Expander button -->
                <button type="button" class="navbar-toggler" data-toggle="collapse" data-target="#navbar-collapse">
                    <span class="navbar-toggler-icon"></span>
                </button>

                <!-- Expanded navigation -->
                <div id="navbar-collapse" class="navbar-collapse collapse">
                        <!-- Main navigation -->
                        <ul class="nav navbar-nav">
                            <li class="navitem">
                                <a href="../.." class="nav-link">关于</a>
                            </li>
                            <li class="dropdown">
                                <a href="#" class="nav-link dropdown-toggle" data-toggle="dropdown">RH124 <b class="caret"></b></a>
                                <ul class="dropdown-menu">
                                    
<li>
    <a href="../../RH124/" class="dropdown-item">RH124</a>
</li>
                                    
<li>
    <a href="../../RH124/day1/" class="dropdown-item">第1天</a>
</li>
                                    
<li>
    <a href="../../RH124/day2/" class="dropdown-item">第2天</a>
</li>
                                    
<li>
    <a href="../../RH124/day3/" class="dropdown-item">第3天</a>
</li>
                                    
<li>
    <a href="../../RH124/day4/" class="dropdown-item">第4天</a>
</li>
                                    
<li>
    <a href="../../RH124/day5/" class="dropdown-item">第5天</a>
</li>
                                    
<li>
    <a href="../../RH124/day6/" class="dropdown-item">第6天</a>
</li>
                                    
<li>
    <a href="../../RH124/disk/" class="dropdown-item">硬盘结构</a>
</li>
                                    
<li>
    <a href="../../RH124/ps_kill/" class="dropdown-item">练习 16：处理进程，`ps`，`kill`</a>
</li>
                                </ul>
                            </li>
                            <li class="dropdown active">
                                <a href="#" class="nav-link dropdown-toggle" data-toggle="dropdown">RH134 <b class="caret"></b></a>
                                <ul class="dropdown-menu">
                                    
<li>
    <a href="../" class="dropdown-item">RH134</a>
</li>
                                    
<li>
    <a href="../day1/" class="dropdown-item">第1天</a>
</li>
                                    
<li>
    <a href="../day2/" class="dropdown-item">第2天</a>
</li>
                                    
<li>
    <a href="../day3/" class="dropdown-item">第3天</a>
</li>
                                    
<li>
    <a href="./" class="dropdown-item active">第4天</a>
</li>
                                    
<li>
    <a href="../day5/" class="dropdown-item">第5天</a>
</li>
                                </ul>
                            </li>
                            <li class="dropdown">
                                <a href="#" class="nav-link dropdown-toggle" data-toggle="dropdown">RH254 <b class="caret"></b></a>
                                <ul class="dropdown-menu">
                                    
<li>
    <a href="../../RH254/" class="dropdown-item">RH254</a>
</li>
                                    
<li>
    <a href="../../RH254/day1/" class="dropdown-item">第1天</a>
</li>
                                    
<li>
    <a href="../../RH254/day2/" class="dropdown-item">第2天</a>
</li>
                                    
<li>
    <a href="../../RH254/day3/" class="dropdown-item">第3天</a>
</li>
                                    
<li>
    <a href="../../RH254/day4/" class="dropdown-item">第4天</a>
</li>
                                    
<li>
    <a href="../../RH254/day5/" class="dropdown-item">第5天</a>
</li>
                                </ul>
                            </li>
                        </ul>

                    <ul class="nav navbar-nav ml-auto">
                        <li class="nav-item">
                            <a href="#" class="nav-link" data-toggle="modal" data-target="#mkdocs_search_modal">
                                <i class="fa fa-search"></i> Search
                            </a>
                        </li>
                            <li class="nav-item">
                                <a rel="prev" href="../day3/" class="nav-link">
                                    <i class="fa fa-arrow-left"></i> Previous
                                </a>
                            </li>
                            <li class="nav-item">
                                <a rel="next" href="../day5/" class="nav-link">
                                    Next <i class="fa fa-arrow-right"></i>
                                </a>
                            </li>
                    </ul>
                </div>
            </div>
        </div>

        <div class="container">
            <div class="row">
                    <div class="col-md-3"><div class="navbar-light navbar-expand-md bs-sidebar hidden-print affix" role="complementary">
    <div class="navbar-header">
        <button type="button" class="navbar-toggler collapsed" data-toggle="collapse" data-target="#toc-collapse" title="Table of Contents">
            <span class="fa fa-angle-down"></span>
        </button>
    </div>

    
    <div id="toc-collapse" class="navbar-collapse collapse card bg-secondary">
        <ul class="nav flex-column">
            
            <li class="nav-item" data-level="1"><a href="#4" class="nav-link">第4天</a>
              <ul class="nav flex-column">
            <li class="nav-item" data-level="2"><a href="#firewalld" class="nav-link">Firewalld 防火墙</a>
              <ul class="nav flex-column">
              </ul>
            </li>
              </ul>
            </li>
        </ul>
    </div>
</div></div>
                    <div class="col-md-9" role="main">

<h1 id="4">第4天</h1>
<h2 id="firewalld"><font color=red>Firewalld 防火墙</font></h2>
<h3 id="_1">查看规则</h3>
<pre><code># 查看所有区域
firewall-cmd --get-zones
# 查看默认区域
firewall-cmd --get-default-zone
# 修改默认区域
firewall-cmd --set-default-zone=ZONE_NAME
# 查看默认区域规则
firewall-cmd --list-all
# 查看指定区域规则
firewall-cmd --list-all --zone=ZONE_NAME
# 查看所有区域规则
firewall-cmd --list-all-zones
# 查看所有防火墙可开放的服务
firewall-cmd --get-services
</code></pre>

<h3 id="_2">添加规则</h3>
<h4 id="_3">运行时生效</h4>
<pre><code># 添加端口到指定区域
firewall-cmd --add-port=PORT/PROTOCOL --zone=ZONE_NAME
# 添加服务到指定区域
firewall-cmd --add-service=SERVICE_NAME --zone=ZONE_NAME
# 添加网络到指定区域
firewall-cmd --add-source=IP_ADDR/NETMASK --zone=ZONE_NAME
# 添加网卡设备到指定区域
firewall-cmd --add-interface=DEVICE --zone=ZONE_NAME
# 添加富规则
firewall-cmd --add-rich-rule='rule FIREWALLD.RICHLANGUAGE'
</code></pre>

<h5 id="_4">常用富规则</h5>
<ul>
<li>family=    协议簇 ipv4/ipv6</li>
<li>source address=    源地址</li>
<li>service name=    服务名</li>
<li>port port=    protocol=    协议加端口号</li>
<li>fordward-port port=    protocol=   转发端口</li>
<li>to-port=    目标端口</li>
</ul>
<h4 id="_5">重载后生效</h4>
<pre><code>firewall-cmd --permanent --add-port=PORT/PROTOCOL --zone=ZONE_NAME --zone=ZONE_NAME
firewall-cmd --permanent --add-service=SERVICE_NAME --zone=ZONE_NAME --zone=ZONE_NAME
firewall-cmd --permanent --add-source=IP_ADDR/NETMASK --zone=ZONE_NAME --zone=ZONE_NAME
firewall-cmd --permanent --add-interface=DEVICE --zone=ZONE_NAME --zone=ZONE_NAME
firewall-cmd --permanent --add-rich-rule='rule FIREWALLD.RICHLANGUAGE'
</code></pre></div>
            </div>
        </div>

        <footer class="col-md-12">
            <hr>
            <p>Documentation built with <a href="https://www.mkdocs.org/">MkDocs</a>.</p>
        </footer>
        <script>
            var base_url = "../..",
                shortcuts = {"help": 191, "next": 78, "previous": 80, "search": 83};
        </script>
        <script src="../../js/base.js" defer></script>
        <script src="../../search/main.js" defer></script>

        <div class="modal" id="mkdocs_search_modal" tabindex="-1" role="dialog" aria-labelledby="searchModalLabel" aria-hidden="true">
    <div class="modal-dialog modal-lg">
        <div class="modal-content">
            <div class="modal-header">
                <h4 class="modal-title" id="searchModalLabel">Search</h4>
                <button type="button" class="close" data-dismiss="modal"><span aria-hidden="true">&times;</span><span class="sr-only">Close</span></button>
            </div>
            <div class="modal-body">
                <p>
                    From here you can search these documents. Enter
                    your search terms below.
                </p>
                <form>
                    <div class="form-group">
                        <input type="text" class="form-control" placeholder="Search..." id="mkdocs-search-query" title="Type search term here">
                    </div>
                </form>
                <div id="mkdocs-search-results"></div>
            </div>
            <div class="modal-footer">
            </div>
        </div>
    </div>
</div><div class="modal" id="mkdocs_keyboard_modal" tabindex="-1" role="dialog" aria-labelledby="keyboardModalLabel" aria-hidden="true">
    <div class="modal-dialog">
        <div class="modal-content">
            <div class="modal-header">
                <h4 class="modal-title" id="keyboardModalLabel">Keyboard Shortcuts</h4>
                <button type="button" class="close" data-dismiss="modal"><span aria-hidden="true">&times;</span><span class="sr-only">Close</span></button>
            </div>
            <div class="modal-body">
              <table class="table">
                <thead>
                  <tr>
                    <th style="width: 20%;">Keys</th>
                    <th>Action</th>
                  </tr>
                </thead>
                <tbody>
                  <tr>
                    <td class="help shortcut"><kbd>?</kbd></td>
                    <td>Open this help</td>
                  </tr>
                  <tr>
                    <td class="next shortcut"><kbd>n</kbd></td>
                    <td>Next page</td>
                  </tr>
                  <tr>
                    <td class="prev shortcut"><kbd>p</kbd></td>
                    <td>Previous page</td>
                  </tr>
                  <tr>
                    <td class="search shortcut"><kbd>s</kbd></td>
                    <td>Search</td>
                  </tr>
                </tbody>
              </table>
            </div>
            <div class="modal-footer">
            </div>
        </div>
    </div>
</div>

    </body>
</html>
